Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

We’re pleased to preview Dynamic Remediation, a capability that makes remediated findings immediately impactful to the affected customer’s Bitsight Security Rating.

After a year long investigation, Bitsight TRACE follows up on Socks5Systemz research.

We asked the Institut Luxembourgeois de Régulation (ILR) about NIS2 and what does it mean in practice. Here are their answers.

We introduced Cybersecurity Data Feeds last year to address the needs of organizations operating at this scale. In this post, we’ll share some exciting new additions that we’ve made to this offering.

Bitsight's CTO, David Casion, shares 7 tips for balancing AI innovation with governance—covering data security, team collaboration, and prioritizing high-ROI opportunities.

Brandon Smith discusses some of the challenges an Automation Engineer face, Bitsight's partnership with Schneider Electric, and what manufacturers in general are doing to tackle ICS security.

Some practical examples of how Bitsight customers are finding quick wins with Trust Management Hub an effective governance, risk, and compliance (GRC) program.

This is a continuation of the series on web application security where we dive into cookie dynamics.

Bitsight’s visibility over infostealer malware which exfiltrates over Telegram suggests that the most infected countries are the USA, Turkey, and Russia, followed by India and Germany.

We commissioned Forrester Consulting to conduct a 2024 Total Economic Impact™(TEI) Of Bitsight study. Explore research on the financial impact that a typical organization can achieve with Bitsight.

The cybersecurity controls used to manage an organization’s cybersecurity program in previous years will not work against bad actors targeting networks today. Organizations rely more on cloud computing technology, connecting their sensitive data to more third party networks and in turn expanding their attack surface.

This blog starts with the basics as part of a series regarding operational security, such as web application headers and defenses against attacks such as cross-site scripting (XSS), cross-site request forgery (CSRF), and vulnerabilities in included libraries.

How Bitsight leadership has set up and run a workable AI Council balancing innovation through the use of AI with being a cybersecurity risk management firm.

Our response to CVEs within the CUPS printing system, where several critical vulnerabilities were identified.

Phishing kits are easy to access on the cyber underground, making attacks simpler than ever. Learn how these tools work and how to defend against them.